I have created own CAS server and client. Both of them are located on localhost.
I have added following json service definition:
{
"@class" : "org.jasig.cas.services.RegexRegisteredService",
"serviceId":"^(https?|imaps?)://.*",
"name" : "localhost",
"theme" : "localhost",
"id" : 1,
"description" : "localhost test CAS client",
"proxyPolicy" : {
"allowedToProxy": true,
"@class" : "org.jasig.cas.services.RefuseRegisteredServiceProxyPolicy"
},
"evaluationOrder" : 1,
"usernameAttributeProvider" : {
"@class" : "org.jasig.cas.services.DefaultRegisteredServiceUsernameProvider"
},
"logoutType" : "BACK_CHANNEL",
"attributeReleasePolicy" : {
"@class" : "org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy",
"principalAttributesRepository" : {
"@class" : "org.jasig.cas.authentication.principal.DefaultPrincipalAttributesRepository"
},
"authorizedToReleaseCredentialPassword" : false,
"authorizedToReleaseProxyGrantingTicket" : false
},
"accessStrategy" : {
"@class" : "org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy",
"enabled" : true,
"ssoEnabled" : true
}
}
but I continuously getting a following exception:
17:43:23.513 [http-nio-8443-exec-2] DEBUG o.j.c.c.v.Cas20ProxyTicketValidator - Server response:
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationFailure code='UNAUTHORIZED_SERVICE_PROXY'>
The supplied service 'https://localhost:8443/cas-sample/login/cas' is not authorized to use CAS proxy authentication.
</cas:authenticationFailure>
</cas:serviceResponse>
17:43:23.515 [http-nio-8443-exec-2] DEBUG o.s.s.c.web.CasAuthenticationFilter - Authentication request failed: org.springframework.security.authentication.BadCredentialsException:
The supplied service 'https://localhost:8443/cas-sample/login/cas' is not authorized to use CAS proxy authentication.
What can be wrong with my config ?
I got it working by changing policy class to :
"proxyPolicy" : {
"@class" : "org.jasig.cas.services.RegexMatchingRegisteredServiceProxyPolicy",
"pattern" : "^https://.+"
}